Public vs. Private Instances of SafePlaces API

Owned by Daniel McCoy
May 27, 2020
1 min read

Work IN PROGRESS

Overview

The goal of this document is to give an overview of what a deployed version of the SafePlaces API might look like.

For security reasons SafePlaces API endpoints will need to be partitioned into two buckets – public and private. Public endpoints will be utilized/exposed for use by the SafePaths mobile application. Private endpoints will utilized/exposed for use by the SafePlaces web UI. Whether or not an instance of the application is running in a private/public context will be controlled by an environment variable.

Both a private and public version of the application will need to be deployed in separate containers. Both instances of the API application will talk to the same database. Each version of the application will need to be provisioned with its own database user with correctly configured read/write privileges.

Open Questions